Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.mft
File:                     atwsIKz5mPCjL-cp_bLMnRoBP9I.mft (raw, json)
Hash identifier:          xy5xZfikKffYpARYsTveN58OAuwLWvYcTxMCRL3Z61A=
Subject key identifier:   69:6A:10:00:BB:4E:16:09:2F:98:FF:88:BC:60:1A:09:22:09:1D:1D
Authority key identifier: 6A:DC:2C:20:AC:F9:98:F0:A3:2F:E7:29:FD:B2:CC:9D:1A:01:3F:D2
Certificate issuer:       /CN=6adc2c20acf998f0a32fe729fdb2cc9d1a013fd2
Certificate serial:       019D29974918DA09C5FC89CC66029E5E512D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/atwsIKz5mPCjL-cp_bLMnRoBP9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.mft
Manifest number:          0168
Signing time:             Thu 26 Mar 2026 10:01:13 +0000
Manifest this update:     Thu 26 Mar 2026 10:01:13 +0000
Manifest next update:     Fri 27 Mar 2026 10:01:13 +0000
Files and hashes:         1: atwsIKz5mPCjL-cp_bLMnRoBP9I.crl (hash: hrPNANCg/rFY97WjlRaAb93i6O4485egNRxSc7DYtIM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/atwsIKz5mPCjL-cp_bLMnRoBP9I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:97:49:18:da:09:c5:fc:89:cc:66:02:9e:5e:51:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6adc2c20acf998f0a32fe729fdb2cc9d1a013fd2
        Validity
            Not Before: Mar 26 10:01:13 2026 GMT
            Not After : Mar 27 10:01:13 2026 GMT
        Subject: CN=696a1000bb4e16092f98ff88bc601a0922091d1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:71:e5:bd:66:26:72:ea:1a:fb:fb:4f:7b:94:
                    66:f4:d0:45:94:68:bd:68:87:d3:2f:ff:ec:28:38:
                    e1:ff:36:3b:7a:35:b9:59:81:cf:54:c4:eb:e7:61:
                    db:dc:7a:b9:83:56:0a:2e:bc:fd:ed:d9:99:2d:64:
                    4c:7d:6c:68:53:54:bf:06:3b:c3:aa:23:84:d5:a9:
                    bc:40:8b:91:32:8b:ea:20:32:cf:29:1e:ec:7f:ce:
                    91:b5:5d:0c:f2:12:6d:78:7f:ba:e1:5f:dd:6b:2c:
                    4e:21:20:46:29:07:6e:b0:82:98:9c:7f:fa:ed:dc:
                    bc:66:b6:eb:b4:87:82:46:b4:bd:a0:dc:66:ae:0d:
                    6b:a2:a1:d6:9e:71:02:7c:a4:75:0b:20:4e:f7:18:
                    c8:69:18:58:7b:43:da:16:7c:e5:0b:a0:0a:dd:c6:
                    0c:0e:a0:90:54:3f:23:14:bf:4c:87:47:12:df:36:
                    a3:0c:cc:53:1a:bf:d4:d7:76:b5:2c:4c:c3:cf:06:
                    85:fd:5a:a9:a1:79:cf:e0:ad:2a:3e:b1:5b:a7:61:
                    68:b7:54:d1:f6:5b:2f:ae:91:2d:53:ba:70:0f:6e:
                    c1:51:34:87:58:c1:39:d8:c1:54:e9:a0:ec:94:4d:
                    7d:91:26:0b:35:27:04:0b:55:ed:91:a9:98:86:ea:
                    38:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:6A:10:00:BB:4E:16:09:2F:98:FF:88:BC:60:1A:09:22:09:1D:1D
            X509v3 Authority Key Identifier:
                keyid:6A:DC:2C:20:AC:F9:98:F0:A3:2F:E7:29:FD:B2:CC:9D:1A:01:3F:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/atwsIKz5mPCjL-cp_bLMnRoBP9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:62:41:9f:59:51:2a:99:ab:50:4f:3e:b2:ca:fe:d0:87:ea:
         8a:dc:87:e2:ce:6a:8d:f7:ce:cc:d5:68:9f:c5:e9:af:80:55:
         33:e3:fd:38:66:2a:7e:17:d6:97:dd:ad:a4:52:c2:ec:52:c9:
         e8:43:68:46:54:d1:ae:57:44:e1:c1:53:21:c8:ca:70:69:bc:
         f6:a1:1e:e9:01:a8:c7:77:c1:1c:3f:31:19:12:d6:cc:8e:0f:
         22:e9:e2:86:9b:d5:41:e4:dd:c8:13:00:bf:2c:bb:16:57:bf:
         1a:22:b2:23:06:4b:13:42:6a:47:92:2e:b8:e0:2d:97:f1:bb:
         d5:4b:55:8d:02:63:8a:c6:48:60:fe:83:f5:44:fb:2f:77:dd:
         34:a0:9a:b5:ce:8b:1d:d5:3f:22:44:4a:fe:bb:b8:14:f4:ee:
         62:fc:28:66:05:e9:81:ca:00:50:89:36:be:63:5c:f3:33:4f:
         35:f0:d1:61:c8:1b:50:80:6b:1e:f7:9c:7e:cd:16:4e:6a:62:
         15:7b:5d:e0:a8:72:e7:30:9c:76:4b:7b:86:a7:56:a7:39:02:
         f1:e6:6a:e2:45:71:97:4f:6d:6c:67:32:e6:ac:8d:23:93:9c:
         08:ef:34:08:78:5f:e8:6c:9a:bc:ff:0b:f9:c1:86:52:9a:1d:
         88:dd:33:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl0kY2gnF/InMZgKeXlEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZGMyYzIwYWNmOTk4ZjBhMzJmZTcyOWZkYjJjYzlkMWEw
MTNmZDIwHhcNMjYwMzI2MTAwMTEzWhcNMjYwMzI3MTAwMTEzWjAzMTEwLwYDVQQD
Eyg2OTZhMTAwMGJiNGUxNjA5MmY5OGZmODhiYzYwMWEwOTIyMDkxZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3HlvWYmcuoa+/tPe5Rm9NBFlGi9
aIfTL//sKDjh/zY7ejW5WYHPVMTr52Hb3Hq5g1YKLrz97dmZLWRMfWxoU1S/BjvD
qiOE1am8QIuRMovqIDLPKR7sf86RtV0M8hJteH+64V/dayxOISBGKQdusIKYnH/6
7dy8ZrbrtIeCRrS9oNxmrg1roqHWnnECfKR1CyBO9xjIaRhYe0PaFnzlC6AK3cYM
DqCQVD8jFL9Mh0cS3zajDMxTGr/U13a1LEzDzwaF/VqpoXnP4K0qPrFbp2Fot1TR
9lsvrpEtU7pwD27BUTSHWME52MFU6aDslE19kSYLNScEC1XtkamYhuo4HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlqEAC7ThYJL5j/iLxgGgkiCR0dMB8GA1UdIwQY
MBaAFGrcLCCs+Zjwoy/nKf2yzJ0aAT/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXR3c0lLejVtUENqTC1jcF9iTE1uUm9CUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MTBiNTQtNDE3NC00NjA1LThjNTYt
YjhhM2U5Y2ZlYWY3LzEvYXR3c0lLejVtUENqTC1jcF9iTE1uUm9CUDlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MTBiNTQtNDE3NC00NjA1LThjNTYtYjhhM2U5Y2ZlYWY3
LzEvYXR3c0lLejVtUENqTC1jcF9iTE1uUm9CUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWmJBn1lR
KpmrUE8+ssr+0IfqityH4s5qjffOzNVon8Xpr4BVM+P9OGYqfhfWl92tpFLC7FLJ
6ENoRlTRrldE4cFTIcjKcGm89qEe6QGox3fBHD8xGRLWzI4PIunihpvVQeTdyBMA
vyy7Fle/GiKyIwZLE0JqR5IuuOAtl/G71UtVjQJjisZIYP6D9UT7L3fdNKCatc6L
HdU/IkRK/ru4FPTuYvwoZgXpgcoAUIk2vmNc8zNPNfDRYcgbUIBrHvecfs0WTmpi
FXtd4Khy5zCcdkt7hqdWpzkC8eZq4kVxl09tbGcy5qyNI5OcCO80CHhf6GyavP8L
+cGGUpodiN0zag==
-----END CERTIFICATE-----